2 matches found
CVE-2024-22412
ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse/clickhouse version 23.1. Query caching bypasses the role based access controls and the policies being enforced on roles...
CVE-2024-22412
The CVE-2024-22412 issue affects ClickHouse: in cloud ClickHouse prior to 24.0.2.54535 and in ClickHouse 23.1, query caching can bypass role-based access controls, exposing data to users with a role who should be restricted. Affected versions' query cache behavior is described as not documented a...